GDPR Withdrawal of Consent API

GDPR Overview

For GDPR compliance, users who provide consent have the ability to withdraw consent at any time (see our FAQ for more information). MoPub informs our downstream partners when the user has withdrawn consent so that they, as an independent controller of the user’s personal data, can meet any independent obligations they may have to honor the user’s choice to withdraw consent, including by not engaging in further processing of the user’s personal data unless they have other legal grounds for such processing.

API Overview

The Withdrawal of Consent API supports two separate outputs where downstream partners can retrieve the Advertising IDs of users that have withdrawn their consent or check which dates the reports are available for.

The List Reports endpoint contains the dates of the available reports.

The Fetch Report endpoint only contains the advertising IDs of the users that have withdrawn their consent. These are users that previously provided consent and chose to withdraw such consent at a later date.

Reports are available daily for only the previous 21 days. All dates are in UTC.

The API requires a valid API key in order to retrieve the data. Please contact your account manager or mopubDSPsuccess@twitter.com to retrieve an API Key.

List Report

Request

The report can be retrieved by making an HTTP GET request and providing authentication.

Required Parameters

Type

Header Field

Header Value

Header

x-api-key

API Key provided by MoPub.

Note: the “X-API-Key”/”x-api-key” header key is not case-insensitive, but the header value, the actual API key, is.

Fetch Report

Request

The report can be retrieved by making an HTTP GET request and providing authentication. This will return a 302 redirect to a temporary URL (valid for 60 seconds) that can be used to download the report. The URLs are valid for 60 seconds.

Required Parameters

Type

Header Field

Value

Header

x-api-key

API key provided by MoPub.

Note: the “X-API-Key”/”x-api-key” header key is not case-insensitive, but the header value, the actual API key, is.